There is a sslstrip package for openwrt which installs fine on the fon, I just couldn't get it to work! Very frustraiting, being in the middle but note being able to actually modify any of the traffic.
Robin 2009/11/14 Nils <[email protected]>: > sorry, I meant on the PC. My script has been written for BT4. > So then the iptables rule with port 80 is still fine at least for PC usage. > > Robin, I still have your Jasager Installation on one of my Foneras. I'll > give it a try with sslstrip. > > > > Robin Wood wrote: >> 2009/11/13 Joseph McManus <[email protected]>: >> >>> Hello, >>> >>> The way I got this to work was setting the ip of my Linux machine as the >>> default gateway on the Fon. Then use the Iptable rules as usual on the >>> linux machine iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j >>> REDIRECT --to-port 10000 set ssl strip to listen to port 10000. Works like >>> a charm. >>> >> >> That is having sslstrip on the PC, I wanted it on the Fon, I assumed >> Nils did but this is an option. >> >> Robin >> >> >>> ~Joe >>> >>> Make sure your Linux machine is set to forwarding mode. >>> >>> On Fri, Nov 13, 2009 at 9:38 AM, Robin Wood <[email protected]> wrote: >>> >>>> Good luck with this, I've been trying to get it working for at least >>>> the past month, see all the questions I asked the list about bridging >>>> and iptables. >>>> >>>> The problem as far as I can tell is that when the two nics are bridged >>>> that it is very hard to get hold of the traffic as it doesn't make it >>>> to the iptables layer. You apparently need to use ebtables to >>>> manipulate this traffic but again, I couldn't make ebtables affect the >>>> traffic. >>>> >>>> If you do get anything working or want any help then let me know and I >>>> can share my notes. >>>> >>>> Robin >>>> >>>> 2009/11/13 Nils <[email protected]>: >>>> >>>>> Hi, >>>>> I got a question on the LaFonera Tech Segment in episode 174. >>>>> When using sslstrip you suggest to use this iptables rule on the Fonera: >>>>> iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT >>>>> --to-port 80 >>>>> having sslstrip listen on port 80 >>>>> >>>>> I'm working an evil AP script combining all these attacks using BT4 with >>>>> some additions and I'm using this iptables rule: >>>>> iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT >>>>> --to-port 10000 >>>>> having sslstrip listen on port 10000 >>>>> >>>>> I got the impression that it is not necessary to pipe https traffic on >>>>> port 443 through sslstrip and that the session initiation on http port >>>>> 80 is what sslstrip takes care of. >>>>> >>>>> By the way, episode 173 inspired me to include the Social Engineering >>>>> Toolkit in my script. I wonder how that works out ;-) >>>>> >>>>> Nils >>>>> >>>>> _______________________________________________ >>>>> Pauldotcom mailing list >>>>> [email protected] >>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>>> Main Web Site: http://pauldotcom.com >>>>> >>>>> >>>> _______________________________________________ >>>> Pauldotcom mailing list >>>> [email protected] >>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>> Main Web Site: http://pauldotcom.com >>>> >>> >>> -- >>> Computer Problems? I can Help! >>> http://www.crossloop.com/joemcmanus >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >>> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
